Lucene search
K

20895 matches found

The Hacker News
The Hacker News
added 2026/04/20 11:30 a.m.8 views

Why Most AI Deployments Stall After the Demo

The fastest way to fall in love with an AI tool is to watch the demo. Everything moves quickly. Prompts land cleanly. The system produces impressive outputs in seconds. It feels like the beginning of a new era for your team. But most AI initiatives don't fail because of bad technology. They stall...

5.7AI score
Exploits0
The Hacker News
The Hacker News
added 2026/04/20 10:42 a.m.27 views

Anthropic MCP Design Vulnerability Enables RCE, Threatening AI Supply Chain

Cybersecurity researchers have discovered a critical "by design" weakness in the Model Context Protocol's MCP architecture that could pave the way for remote code execution and have a cascading effect on the artificial intelligence AI supply chain. "This flaw enables Arbitrary Command Execution R...

9.9CVSS7.4AI score0.38532EPSS
Exploits9
The Hacker News
The Hacker News
added 2026/04/20 7:34 a.m.9 views

Researchers Detect ZionSiphon Malware Targeting Israeli Water, Desalination OT Systems

Cybersecurity researchers have flagged a new malware called ZionSiphon that appears to be specifically designed to target Israeli water treatment and desalination systems. The malware has been codenamed ZionSiphon by Darktrace, highlighting its ability to set up persistence, tamper with local...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2026/04/20 3:35 a.m.11 views

Vercel Breach Tied to Context AI Hack Exposes Limited Customer Credentials

Web infrastructure provider Vercel has disclosed a security breach that allows bad actors to gain unauthorized access to "certain" internal Vercel systems. The incident stemmed from the compromise of Context.ai, a third-party artificial intelligence AI tool, that was used by an employee at the...

5.7AI score
Exploits0
The Hacker News
The Hacker News
added 2026/04/18 8:7 a.m.10 views

[Webinar] Eliminate Ghost Identities Before They Expose Your Enterprise Data

In 2024, compromised service accounts and forgotten API keys were behind 68% of cloud breaches. Not phishing. Not weak passwords. Unmanaged non-human identities that nobody was watching. For every employee in your org, there are 40 to 50 automated credentials: service accounts, API tokens, AI age...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2026/04/18 7:59 a.m.9 views

$13.74M Hack Shuts Down Sanctioned Grinex Exchange After Intelligence Claims

Grinex, a Kyrgyzstan-incorporated cryptocurrency exchange sanctioned by the U.K. and the U.S. last year, said it's suspending operations after it blamed Western intelligence agencies for a $13.74 million hack. The exchange said it fell victim to what it described as a large-scale cyber attack tha...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2026/04/18 6:1 a.m.10 views

Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet

Threat actors are exploiting security flaws in TBK DVR and end‑of‑life EoL TP-Link Wi-Fi routers to deploy Mirai-botnet variants on compromised devices, according to findings from Fortinet FortiGuard Labs and Palo Alto Networks Unit 42. The attack targeting TBK DVR devices has been found to explo...

8.8CVSS7.7AI score0.99999EPSS
Exploits13
The Hacker News
The Hacker News
added 2026/04/17 1:21 p.m.17 views

Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched

Huntress is warning that threat actors are exploiting three recently disclosed security flaws in Microsoft Defender to gain elevated privileges in compromised systems. The activity involves the exploitation of three vulnerabilities that are codenamed BlueHammer requires GitHub sign-in, RedSun, an...

7.8CVSS6.4AI score0.06749EPSS
Exploits3
The Hacker News
The Hacker News
added 2026/04/17 10:47 a.m.5 views

Google Blocks 8.3B Policy-Violating Ads in 2025, Launches Android 17 Privacy Overhaul

Google this week announced a new set of Play policy updates to strengthen user privacy and protect businesses against fraud, even as it revealed it blocked or removed over 8.3 billion ads globally and suspended 24.9 million accounts in 2025. The new policy updates relate to contact and location...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2026/04/17 7:14 a.m.10 views

NIST Limits CVE Enrichment After 263% Surge in Vulnerability Submissions

The National Institute of Standards and Technology NIST has announced changes to the way it handles cybersecurity vulnerabilities and exposures CVEs listed in its National Vulnerability Database NVD, stating it will only enrich those that fulfil certain conditions owing to an explosion in CVE...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2026/04/17 5:46 a.m.6 views

Operation PowerOFF Seizes 53 DDoS Domains, Exposes 3 Million Criminal Accounts

An international law enforcement operation has taken down 53 domains and arrested four people in connection with commercial distributed denial-of-service DDoS operations that were used by more than 75,000 cybercriminals. The ongoing effort, dubbed Operation PowerOFF , disrupted access to the...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2026/04/17 3:22 a.m.10 views

Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation

A recently disclosed high-severity security flaw in Apache ActiveMQ Classic has come under active exploitation in the wild, per the U.S. Cybersecurity and Infrastructure Security Agency CISA. To that end, the agency has added the vulnerability, tracked as CVE-2026-34197 CVSS score: 8.8, to its...

10CVSS7.5AI score0.99654EPSS
Exploits43
The Hacker News
The Hacker News
added 2026/04/16 5:52 p.m.10 views

Newly Discovered PowMix Botnet Hits Czech Workers Using Randomized C2 Traffic

Cybersecurity researchers have warned of an active malicious campaign that's targeting the workforce in the Czech Republic with a previously undocumented botnet dubbed PowMix since at least December 2025. "PowMix employs randomized command-and-control C2 beaconing intervals, rather than persisten...

6.5AI score
Exploits0
The Hacker News
The Hacker News
added 2026/04/16 1:5 p.m.11 views

ThreatsDay Bulletin: Defender 0-Day, SonicWall Brute-Force, 17-Year-Old Excel RCE and 15 More Stories

You know that feeling when you open your feed on a Thursday morning and it's just... a lot? Yeah. This week delivered. We've got hackers getting creative in ways that are almost impressive if you ignore the whole "crime" part, ancient vulnerabilities somehow still ruining people's days, and enoug...

9.3CVSS7.2AI score0.43063EPSS
Exploits7
The Hacker News
The Hacker News
added 2026/04/16 11:27 a.m.11 views

Cisco Patches Four Critical Identity Services, Webex Flaws Enabling Code Execution

Cisco has announced patches to address four critical security flaws impacting Identity Services and Webex Services that could result in arbitrary code execution and allow an attacker to impersonate any user within the service. The details of the vulnerabilities are below - CVE-2026-20184 CVSS...

9.9CVSS6.8AI score0.11679EPSS
Exploits1
The Hacker News
The Hacker News
added 2026/04/16 10:30 a.m.9 views

Hidden Passenger? How Taboola Routes Logged-In Banking Sessions to Temu

A bank approved a Taboola pixel. That pixel quietly redirected logged-in users to a Temu tracking endpoint. This occurred without the bank’s knowledge, without user consent, and without a single security control registering a violation. Read the full technical breakdown in the Security Intelligen...

6AI score
Exploits0
The Hacker News
The Hacker News
added 2026/04/16 10:20 a.m.12 views

Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks

A "novel" social engineering campaign has been observed abusing Obsidian, a cross-platform note-taking application, as an initial access vector to distribute a previously undocumented Windows remote access trojan called PHANTOMPULSE in attacks targeting individuals in the financial and...

6AI score
Exploits0
The Hacker News
The Hacker News
added 2026/04/16 6:20 a.m.9 views

UAC-0247 Targets Ukrainian Clinics and Government in Data-Theft Malware Campaign

The Computer Emergencies Response Team of Ukraine CERT-UA has disclosed details of a new campaign that has targeted governments and municipal healthcare institutions, mainly clinics and emergency hospitals, to deliver malware capable of stealing sensitive data from Chromium-based web browsers and...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2026/04/15 5:9 p.m.7 views

n8n Webhooks Abused Since October 2025 to Deliver Malware via Phishing Emails

Threat actors have been observed weaponizing n8n, a popular artificial intelligence AI workflow automation platform, to facilitate sophisticated phishing campaigns and deliver malicious payloads or fingerprint devices by sending automated emails. "By leveraging trusted infrastructure, these...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2026/04/15 12:56 p.m.23 views

Actively Exploited nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeover

A recently disclosed critical security flaw impacting nginx-ui, an open-source, web-based Nginx management tool, has come under active exploitation in the wild. The vulnerability in question is CVE-2026-33032 CVSS score: 9.8, an authentication bypass vulnerability that enables threat actors to...

9.8CVSS7.7AI score0.38477EPSS
Exploits17
The Hacker News
The Hacker News
added 2026/04/15 12:37 p.m.14 views

April Patch Tuesday Fixes Critical Flaws Across SAP, Adobe, Microsoft, Fortinet, and More

A number of critical vulnerabilities impacting products from Adobe, Fortinet, Microsoft, and SAP have taken center stage in April's Patch Tuesday releases. Topping the list is an SQL injection vulnerability impacting SAP Business Planning and Consolidation and SAP Business Warehouse CVE-2026-2768...

9.9CVSS6.8AI score0.48668EPSS
Exploits12
The Hacker News
The Hacker News
added 2026/04/15 11:30 a.m.7 views

Deterministic + Agentic AI: The Architecture Exposure Validation Requires

Few technologies have moved from experimentation to boardroom mandate as quickly as AI. Across industries, leadership teams have embraced its broader potential, and boards, investors, and executives are already pushing organizations to adopt it across operational and security functions. Pentera’s...

6AI score
Exploits0
The Hacker News
The Hacker News
added 2026/04/15 8:40 a.m.17 views

Microsoft Issues Patches for SharePoint Zero-Day and 168 Other New Vulnerabilities

Microsoft on Tuesday released updates to address a record 169 security flaws across its product portfolio, including one vulnerability that has been actively exploited in the wild. Of these 169 vulnerabilities, 157 are rated Important, eight are rated Critical, three are rated Moderate, and one i...

9.8CVSS7.4AI score0.5585EPSS
Exploits6
The Hacker News
The Hacker News
added 2026/04/15 4:30 a.m.19 views

OpenAI Launches GPT-5.4-Cyber with Expanded Access for Security Teams

OpenAI on Tuesday unveiled GPT-5.4-Cyber , a variant of its latest flagship model, GPT‑5.4, that's specifically optimized for defensive cybersecurity use cases, days after rival Anthropic unveiled its own frontier model, Mythos. "The progressive use of AI accelerates defenders – those responsible...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2026/04/14 3:57 p.m.7 views

New PHP Composer Flaws Enable Arbitrary Command Execution — Patches Released

Two high-severity security vulnerabilities have been disclosed in Composer, a package manager for PHP, that, if successfully exploited, could result in arbitrary command execution. The vulnerabilities have been described as command injection flaws affecting the Perforce VCS version control softwa...

6.3AI score0.01688EPSS
Exploits4
The Hacker News
The Hacker News
added 2026/04/14 2:56 p.m.8 views

Google Adds Rust-Based DNS Parser into Pixel 10 Modem to Enhance Security

Google has announced the integration of a Rust-based Domain Name System DNS parser into the modem firmware as part of its ongoing efforts to beef up the security of Pixel devices and push memory-safe code at a more foundational level. "The new Rust-based DNS parser significantly reduces our...

9.8CVSS6.3AI score0.00318EPSS
Exploits0
The Hacker News
The Hacker News
added 2026/04/14 2:30 p.m.5 views

AI-Driven Pushpaganda Scam Exploits Google Discover to Spread Scareware and Ad Fraud

Cybersecurity researchers have unmasked a novel ad fraud scheme that has been found to leverage search engine poisoning SEO techniques and artificial intelligence AI-generated content to push deceptive news stories into Google's Discover feed and trick users into enabling persistent browser...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2026/04/14 10:20 a.m.8 views

Mirax Android RAT Turns Devices into SOCKS5 Proxies, Reaching 220,000 via Meta Ads

A nascent Android remote access trojan called Mirax has been observed actively targeting Spanish-speaking countries, with campaigns reaching more than 220,000 accounts on Facebook, Instagram, Messenger, and Threads through advertisements on Meta. "Mirax integrates advanced Remote Access Trojan RA...

6AI score
Exploits0
The Hacker News
The Hacker News
added 2026/04/14 10:0 a.m.5 views

Analysis of 216M Security Findings Shows a 4x Increase In Critical Risk (2026 Report)

OX Security recently analyzed 216 million security findings across 250 organizations over a 90-day period. The primary takeaway: while raw alert volume grew by 52% year-over-year, prioritized critical risk grew by nearly 400%. The surge in AI-assisted development is creating a "velocity gap" wher...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2026/04/14 8:35 a.m.7 views

108 Malicious Chrome Extensions Steal Google and Telegram Data, Affecting 20,000 Users

Cybersecurity researchers have discovered a new campaign in which a cluster of 108 Google Chrome extensions has been found to communicate with the same command-and-control C2 infrastructure with the goal of collecting user data and enabling browser-level abuse by injecting ads and arbitrary...

6.1AI score
Exploits0
The Hacker News
The Hacker News
added 2026/04/14 5:50 a.m.10 views

ShowDoc RCE Flaw CVE-2025-0520 Actively Exploited on Unpatched Servers

A critical security vulnerability impacting ShowDoc, a document management and collaboration service popular in China, has come under active exploitation in the wild. The vulnerability in question is CVE-2025-0520 aka CNVD-2020-26585, which carries a CVSS score of 9.4 out of 10.0. It relates to a...

9.4CVSS6.4AI score0.00976EPSS
Exploits0
The Hacker News
The Hacker News
added 2026/04/14 5:39 a.m.7 views

CISA Adds 6 Known Exploited Flaws in Fortinet, Microsoft, and Adobe Software

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Monday added half a dozen security flaws to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. The list of vulnerabilities is as follows - CVE-2026-21643 CVSS score: 9.1 - An SQL injection...

9.8CVSS7.4AI score0.94085EPSS
Exploits5
The Hacker News
The Hacker News
added 2026/04/13 5:15 p.m.8 views

JanelaRAT Malware Targets Latin American Banks with 14,739 Attacks in Brazil in 2025

Banks and financial institutions in Latin American countries like Brazil and Mexico have continued to be the target of a malware family called JanelaRAT. A modified version of BX RAT, JanelaRAT is known to steal financial and cryptocurrency data associated with specific financial entities, as wel...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2026/04/13 2:46 p.m.5 views

FBI and Indonesian Police Dismantle W3LL Phishing Network Behind $20M Fraud Attempts

The U.S. Federal Bureau of Investigation FBI, in partnership with the Indonesian National Police, has dismantled the infrastructure associated with a global phishing operation that leveraged an off-the-shelf toolkit called W3LL to steal thousands of victims' account credentials and attempt more...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2026/04/13 1:1 p.m.24 views

⚡ Weekly Recap: Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and More

Monday is back, and the weekend’s backlog of chaos is officially hitting the fan. We are tracking a critical zero-day that has been quietly living in your PDFs for months, plus some aggressive state-sponsored meddling in infrastructure that is finally coming to light. It is one of those mornings...

10CVSS8AI score0.97408EPSS
Exploits88
The Hacker News
The Hacker News
added 2026/04/13 11:41 a.m.5 views

Your MTTD Looks Great. Your Post-Alert Gap Doesn't

Anthropic restricted its Mythos Preview model last week after it autonomously found and exploited zero-day vulnerabilities in every major operating system and browser. Palo Alto Networks' Wendi Whitmore warned that similar capabilities are weeks or months from proliferation. CrowdStrike's 2026...

6AI score
Exploits0
The Hacker News
The Hacker News
added 2026/04/13 9:15 a.m.7 views

North Korea's APT37 Uses Facebook Social Engineering to Deliver RokRAT Malware

The North Korean hacking group tracked as APT37 aka ScarCruft has been attributed to a fresh multi-stage, social engineering campaign in which threat actors approached targets on Facebook and added them as friends on the social media platform, turning the trust-building exercise into a delivery...

6.1AI score
Exploits0
The Hacker News
The Hacker News
added 2026/04/13 6:50 a.m.9 views

OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident

OpenAI revealed a GitHub Actions workflow used to sign its macOS apps led to the download of the malicious Axios library on March 31, but noted that no user data or internal system was compromised. "Out of an abundance of caution, we are taking steps to protect the process that certifies our macO...

9.4CVSS6.2AI score0.60368EPSS
Exploits2
The Hacker News
The Hacker News
added 2026/04/12 5:54 a.m.8 views

CPUID Breach Distributes STX RAT via Trojanized CPU-Z and HWMonitor Downloads

Unknown threat actors compromised CPUID "cpuid.com", a website that hosts popular hardware monitoring tools like CPU-Z, HWMonitor, HWMonitor Pro, and PerfMonitor, for less than 24 hours to serve malicious executables for the software and deploy a remote access trojan called STX RAT. The incident...

6AI score
Exploits0
The Hacker News
The Hacker News
added 2026/04/12 4:25 a.m.11 views

Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621

Adobe has released emergency updates to fix a critical security flaw in Acrobat Reader that has come under active exploitation in the wild. The vulnerability, assigned the CVE identifier CVE-2026-34621 , carries a CVSS score of 8.6 out of 10.0. Successful exploitation of the flaw could allow an...

8.6CVSS7.9AI score0.07086EPSS
Exploits4
The Hacker News
The Hacker News
added 2026/04/11 6:2 a.m.12 views

Citizen Lab: Law Enforcement Used Webloc to Track 500 Million Devices via Ad Data

Hungarian domestic intelligence, the national police in El Salvador, and several U.S. law enforcement and police departments have been attributed to the use of an advertising-based global geolocation surveillance system called Webloc. The tool was developed by Israeli company Cobwebs Technologies...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2026/04/10 1:23 p.m.5 views

GlassWorm Campaign Uses Zig Dropper to Infect Multiple Developer IDEs

Cybersecurity researchers have flagged yet another evolution of the ongoing GlassWorm campaign, which employs a new Zig dropper that's designed to stealthily infect all integrated development environments IDEs on a developer's machine. The technique has been discovered in an Open VSX extension...

6.2AI score
Exploits0
The Hacker News
The Hacker News
added 2026/04/10 11:0 a.m.13 views

Browser Extensions Are the New AI Consumption Channel That No One Is Talking About

While much of the discussion on AI security centers around protecting ‘shadow’ AI and GenAI consumption, there's a wide-open window nobody's guarding: AI browser extensions. A new report from LayerX exposes just how deep this blind spot goes, and why AI extensions may be the most dangerous AI...

6.1AI score
Exploits0
The Hacker News
The Hacker News
added 2026/04/10 7:58 a.m.9 views

Google Rolls Out DBSC in Chrome 146 to Block Session Theft on Windows

Google has made Device Bound Session Credentials DBSC generally available to all Windows users of its Chrome web browser, months after it began testing the security feature in open beta. The public availability is currently limited to Windows users on Chrome 146, with macOS expansion planned in a...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2026/04/10 7:37 a.m.8 views

Marimo RCE Flaw CVE-2026-39987 Exploited Within 10 Hours of Disclosure

A critical security vulnerability in Marimo, an open-source Python notebook for data science and analysis, has been exploited within 10 hours of public disclosure, according to findings from Sysdig. The vulnerability in question is CVE-2026-39987 CVSS score: 9.3, a pre-authenticated remote code...

9.8CVSS8.2AI score0.95645EPSS
Exploits11
The Hacker News
The Hacker News
added 2026/04/10 6:28 a.m.4 views

Backdoored Smart Slider 3 Pro Update Distributed via Compromised Nextend Servers

Unknown threat actors have hijacked the update system for the Smart Slider 3 Pro plugin for WordPress and Joomla to push a poisoned version containing a backdoor. The incident impacts Smart Slider 3 Pro version 3.5.1.35 for WordPress, per WordPress security company Patchstack. Smart Slider 3 is a...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2026/04/09 5:26 p.m.6 views

EngageLab SDK Flaw Exposed 50M Android Users, Including 30M Crypto Wallet Installs

Details have emerged about a now-patched security vulnerability in a widely used third-party Android software development kit SDK called EngageLab SDK that could have put millions of cryptocurrency wallet users at risk. "This flaw allows apps on the same device to bypass Android security sandbox...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2026/04/09 4:23 p.m.6 views

UAT-10362 Targets Taiwanese NGOs with LucidRook Malware in Spear-Phishing Campaigns

A previously undocumented threat cluster dubbed UAT-10362 has been attributed to spear-phishing campaigns targeting Taiwanese non-governmental organizations NGOs and suspected universities to deploy a new Lua-based malware called LucidRook. "LucidRook is a sophisticated stager that embeds a Lua...

6.1AI score
Exploits0
The Hacker News
The Hacker News
added 2026/04/09 12:57 p.m.10 views

ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories

Thursday. Another week, another batch of things that probably should've been caught sooner but weren't. This one's got some range — old vulnerabilities getting new life, a few "why was that even possible" moments, attackers leaning on platforms and tools you'd normally trust without thinking twic...

8.8CVSS7.5AI score0.96666EPSS
Exploits15
The Hacker News
The Hacker News
added 2026/04/09 11:31 a.m.7 views

The Hidden Security Risks of Shadow AI in Enterprises

As AI tools become more accessible, employees are adopting them without formal approval from IT and security teams. While these tools may boost productivity, automate tasks, or fill gaps in existing workflows, they also operate outside the visibility of security teams, bypassing controls and...

6.1AI score
Exploits0
Total number of security vulnerabilities20895